Good security is a combination of prevention, detection and response — robust, resilient, responsive.

Five years ago, that simple statement was novel. There were no purpose-built technologies that armed security teams with the capabilities needed to instruct, orchestrate and automate the incident response process. So there began Resilient Systems’ mission: to empower organizations to thrive in the face of cyberattacks and business crises.

We built the industry’s first Security Orchestration, Automation, and Response (SOAR) Platform. Now in version 25, it seamlessly connects with the myriad of security tools used by organizations today, creating an intelligent incident response hub. It brings together people, processes and technology with the potency and intelligence needed to fight today’s cyber battles.

Having pioneered this nascent market, today, we’re delighted to announce our intention to become part of the world’s fastest-growing enterprise security company, IBM Security. Once the acquisition is closed, the market will have leading prevention, detection and response technologies available in a single portfolio — the security trifecta.

Simply put, it helps customers transform their security posture.

We’ve found that organizations with capable response have greater cyber resilience. IBM Security General Manager Marc van Zadelhoff referred to the Ponemon Institute report we sponsored in 2015 that showed U.S. organizations were lacking response planning and preparedness while struggling for greater resilience. We recently released similar studies for the U.K. and Germany.

Like the U.S. study, these new reports show that there are clear global trends of insufficient planning, lack of collaboration and lack of focus on building capable response.

Combining our knowledge and expertise with IBM is a perfect fit culturally and technologically. We’re already integrated with IBM QRadar and IBM App Exchange in production environments, and the opportunity to deepen that integration and extend it into other IBM technologies makes for a compelling solution for our joint customers.

Our mission continues, but now at a level that we couldn’t possibly have accomplished on our own. We’re very excited for what’s in store for our employees, customers and partners.
